Now that we've got a few rules on which to abide, let me show you a simple multi vDOMs based FortiGate setup and its intended behaviors: the destination interface of SSLVPN policies
Once a user is authenticated and granted access to the Web Portal, the traffic from this user's session is not limited to the SSLVPN policy that was matched for authentication, and each flow generated by user X from group Y is matched against:. The source IP address used by the FortiGate when accessing SSLVPN Web Portal is the IP address configured on the outgoing interface specified in the SSLVPN security policy. When configuring access for SSLVPN Web Portal mode, a few rules applies per default on FortiOS: Either you'd come client-less and will be bound to the so called SSLVPN Web Portal or you'd have the FortiClient VPN Client installed (or the full FortiClient) and you'll reach the SSLVPN tunnel facility. 
With FortiOS and this narrowed down the SSLVPN facilities, Fortinet offers two ways of handling incoming remote users connectivity.
0 kommentar(er)
